Changes since OpenSSH 6.1
=========================
This release introduces a number of new features:
Features:
* ssh(1)/sshd(8): Added support for AES-GCM authenticated encryption in
SSH protocol 2. The new cipher is available as aes128-gcm@openssh.com
and aes256-gcm@openssh.com. It uses an identical packet format to the
AES-GCM mode specified in RFC 5647, but uses simpler and different
selection rules during key exchange.
* ssh(1)/sshd(8): Added support for encrypt-then-mac (EtM) MAC modes
for SSH protocol 2. These modes alter the packet format and compute
the MAC over the packet length and encrypted packet rather than over
the plaintext data. These modes are considered more secure and are
used by default when available.
* ssh(1)/sshd(8): Added support for the UMAC-128 MAC as
"umac-128@openssh.com" and "umac-128-etm@openssh.com". The latter
being an encrypt-then-mac mode.
* sshd(8): Added support for multiple required authentication in SSH
protocol 2 via an AuthenticationMethods option. This option lists
one or more comma-separated lists of authentication method names.
Successful completion of all the methods in any list is required for
authentication to complete. This allows, for example, requiring a
user having to authenticate via public key or GSSAPI before they
are offered password authentication.
* sshd(8)/ssh-keygen(1): Added support for Key Revocation Lists
(KRLs), a compact binary format to represent lists of revoked keys
and certificates that take as little as one bit per certificate when
revoking by serial number. KRLs may be generated using ssh-keygen(1)
and are loaded into sshd(8) via the existing RevokedKeys sshd_config
option.
* ssh(1): IdentitiesOnly now applies to keys obtained from a
PKCS11Provider. This allows control of which keys are offered from
tokens using IdentityFile.
* sshd(8): sshd_config(5)'s AllowTcpForwarding now accepts "local"
and "remote" in addition to its previous "yes"/"no" keywords to allow
the server to specify whether just local or remote TCP forwarding is
enabled.
* sshd(8): Added a sshd_config(5) option AuthorizedKeysCommand to
support fetching authorized_keys from a command in addition to (or
instead of) from the filesystem. The command is run under an account
specified by an AuthorizedKeysCommandUser sshd_config(5) option.
* sftp-server(8): Now supports a -d option to allow the starting
directory to be something other than the user's home directory.
* ssh-keygen(1): Now allows fingerprinting of keys hosted in PKCS#11
tokens using "ssh-keygen -lD pkcs11_provider".
* ssh(1): When SSH protocol 2 only is selected (the default), ssh(1)
now immediately sends its SSH protocol banner to the server without
waiting to receive the server's banner, saving time when connecting.
* ssh(1): Added ~v and ~V escape sequences to raise and lower the
logging level respectively.
* ssh(1): Made the escape command help (~?) context sensitive so that
only commands that will work in the current session are shown.
* ssh-keygen(1): When deleting host lines from known_hosts using
"ssh-keygen -R host", ssh-keygen(1) now prints details of which lines
were removed.
Bugfixes:
* ssh(1): Force a clean shutdown of ControlMaster client sessions when
the ~. escape sequence is used. This means that ~. should now work in
mux clients even if the server is no longer responding.
* ssh(1): Correctly detect errors during local TCP forward setup in
multiplexed clients. bz#2055
* ssh-add(1): Made deleting explicit keys "ssh-add -d" symmetric with
adding keys with respect to certificates. It now tries to delete the
corresponding certificate and respects the -k option to allow deleting
of the key only.
* sftp(1): Fix a number of parsing and command-editing bugs, including
bz#1956
* ssh(1): When muxmaster is run with -N, ensured that it shuts down
gracefully when a client sends it "-O stop" rather than hanging around.
bz#1985
* ssh-keygen(1): When screening moduli candidates, append to the file
rather than overwriting to allow resumption. bz#1957
* ssh(1): Record "Received disconnect" messages at ERROR rather than
INFO priority. bz#2057.
* ssh(1): Loudly warn if explicitly-provided private key is unreadable.
bz#1981
Portable OpenSSH:
* sshd(8): The Linux seccomp-filter sandbox is now supported on ARM
platforms where the kernel supports it.
* sshd(8): The seccomp-filter sandbox will not be enabled if the system
headers support it at compile time, regardless of whether it can be
enabled then. If the run-time system does not support seccomp-filter,
sshd will fall back to the rlimit pseudo-sandbox.
* ssh(1): Don't link in the Kerberos libraries. They aren't necessary
on the client, just on sshd(8). bz#2072
* Fix GSSAPI linking on Solaris, which uses a differently-named GSSAPI
library. bz#2073
* Fix compilation on systems with openssl-1.0.0-fips.
* Fix a number of errors in the RPM spec files.
Checksums:
==========
- SHA1 (openssh-6.2.tar.gz) = b3f6cd774d345f22f6d0038cc9464cce131a0676
- SHA1 (openssh-6.2p1.tar.gz) = 8824708c617cc781b2bb29fa20bd905fd3d2a43d
Reporting Bugs:
===============
- Please read http://www.openssh.com/report.html
Security bugs should be reported directly to openssh@openssh.com
OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt,
Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre, Tim Rice and
Ben Lindstrom.